Traditional RTOS architecture

One of the principal reasons for this lack of graceful
recovery is the monolithic architecture of a traditional
realtime embedded system. At the heart of most of these
systems lies a realtime executive — a
single memory image consisting of the RTOS itself and often
numerous tasks.

Since all tasks — including critical system-level
services — share the very same address space, when the
integrity of one task is called into question, the integrity
of the entire system is at risk. If a single component such
as a device driver fails, the RTOS itself could fail. In HA
terms, each software component becomes a single point of
failure (SPOF).

The only sure recovery mechanism in such an environment is to
reset the system and start from scratch.

Such realtime systems present a very low granularity of
fault recovery, making the HA procedure of planning for and
dealing with failure seemingly straightforward (a system
reset), yet often very costly (in terms of downtime, system
restoration, etc.). For some embedded applications, a reset
may involve a specialized, time-consuming procedure in order
to restore the system to full operation in the field.